puskin Posted May 25, 2008 Report Posted May 25, 2008 Se pot afla parolele stocate in Mozilla Firefox cautand pe huburile odc, dc++, sau chiar pe emule...directoarele sharate de pe "root"se cauta fisierele signons2.txt si key3.db se baga in decodorul pt. parole firefox si gata.....fisierele signons2.txt si key3.db sunt localizate in windows XP :C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\(nume aleatoriu).default\decodor pt parole firefox cautati pe google sunt multemetoda 2 fara a folosi un decodor:-se copie continutul fisierului signons2 in cadrul celui de pe propriul sistem.Afla parolele folosind firemaster si firepassword:===============================HistoryVersion 2.5: 22nd March 2008Pattern based brute force password recovery method is implemented which reduces the time considerably when certain part of the password is already known. Also minimum length of password can be specified which improves the recovery time greatly. Usage is simplified by forcing one crack method at a time and providing better meaningful options. Fixed the bug in displaying statistics and now it displays the remaining time accurately based on the current speed which is computed dynamically.Thanks for your suggestions and feedbacks...Version 2.2: 8th July 2006FireMaster source code is released under GPL v2.Version 2.1: 18th June 2006Tested successfully with latest version 1.5.0.4 of Firefox.Statistics display during the operation is improved.Version 2.0: 25th Feb 2006First public release of FireMaster SOURCE code.Now it works at amazing speed of 50k passwords per second on normal m/c.Firefox library dependency is removed completely.For brute force, speed and time is displayed during operation.Lots of optimizations and few bug fixes.Thanks to 'T Barton' for reporting the bug with 1.5 version.Version 1.5: 14th Jan 2006Bug in parsing key3.db fixed.Displaying results during recovery operation.Speed is doubled compared to the original version.Version 1.0: 1st Jan 2006First public release of FireMaster.About FireMasterFiremaster is the Firefox master password recovery tool. Firefox uses master password to protect the stored sign-on information for various websites. If the master password is forgotten, then there is no way to recover the master password and user has to lose all the sign-on information stored in it. To prevent this problem, I have developed FireMaster which uses combination of techniques such as dictionary, hybrid and brute force to recover the master password from the Firefox key database file.About Firefox Password Manager and Master PasswordFirefox comes with built-in password manager tool which remembers username and passwords for all the websites you visit. This sign-on information is stored in the encrypted form in Firefox database files residing in user's profile directory. However any body can just launch the password manager from the Firefox browser and view the credentials. Also one can just copy these database files to different machine and view it offline using the tools such as FirePassword.Hence to protect from such threats, Firefox uses master password to provide enhanced security. By default Firefox does not set the master password. However once you have set the master password, you need to provide it every time to view sign-on credentials.So if you have lost the master password, then you have lost all the stored credentials as well.So far there was no way to recover these credentials once you have lost the master password. Now the FireMaster can help you to recover the master password and get back all the sign-on information.Internals of FireMasterOnce you have lost master password, there is no way to recover it as it is not stored at all. Whenever user enters the master password, Firefox uses it to decrypt the encrypted data associated with the known string. If the decrypted data matches this known string then the entered password is correct. FireMaster uses the similar technique to check for the master password, but in more optimized way. The entire operation goes like this. * FireMaster generates passwords on the fly through various methods. * Then it computes the hash of the password using known algorithm. * Next this password hash is used to decrypt the encrypted data for known plain text (i.e. "password-check"). * Now if the decrypted string matches with the known plain text (i.e. "password-check") then the generated password is the master password.Firefox stores the details about encrypted string, salt, algorithm and version information in key database file key3.db in the user's profile directory. You can just copy this key3.db file to different directory and specify the corresponding path to FireMaster. You can also copy this key3.db to any other high end machine for faster recovery operation.FireMaster supports following password generation methods1) Dictionary MethodIn this mode, FireMaster uses dictionary file having each word on separate line to perform the operation. You can find lot of online dictionary with different sizes and pass it on to Firemaster. This method is more quicker and can find out common passwords.2) Hybrid MethodThis is advanced dictionary method, in which each word in the dictionary file is prefixed or suffixed with generated word from known character list. This can find out password like pass123, 12test, test34 etc. From the specified character list (such as 123), all combinations of strings are generated and appended or prefixed to the dictionary word based on user settings.3) Brute Force MethodIn this method, all possible combinations of words from given character list is generated and then subjected to cracking process. This may take long time depending upon the number of characters and position count specified.How to use FireMaster?First you need to copy the key3.db file to temporary directory. Later you have to specify this directory path for FireMaster as a last argument.Here is the general usage informationFiremaster [-q] [-d -f <dict_file>] [-h -f <dict_file> -n <length> -g "charlist" [ -s | -p ] ] [-b -m <length> -l <length> -c "charlist" -p "pattern" ] <Firefox_Profile_Path>Dictionary Crack Options: -d Perform dictionary crack -f Dictionary file with words on each lineHybrid Crack Options: -h Perform hybrid crack operation using dictionary passwords.Hybrid crack can find passwords like pass123, 123pass etc -f Dictionary file with words on each line -g Group of characters used for generating the strings -n Maximum length of strings to be generated using above character listThese strings are added to the dictionary word to form the password -s Suffix the generated characters to the dictionary word(pass123) -p Prefix the generated characters to the dictionary word(123pass)Brute Force Crack Options: -b Perform brute force crack -c Character list used for brute force cracking process -m [Optional] Specify the minimum length of password -l Specify the maximum length of password -p [Optional] Specify the pattern for the passwordSample Usage Information// Dictionary CrackFireMaster.exe -d -f c:\dictfile.txt Firefox_Profile_Path// Hybrid CrackFireMaster.exe -h -f c:\dictfile.txt -n 3 -g "123" -s Firefox_Profile_Path // Brute Force CrackFireMaster.exe -q -b -m 3 -c "abyz126" -l 10 -p "pa??f??123" Firefox_Profile_PathHere Firefox_Profile_Path refers to the directory where key3.db file is present. This points to the Firefox profile directory (Ex: C:\Documents and Settings\<user>\Application Data\Mozilla\Firefox\Profiles\<prof name>) on your machine. However you can also copy key3.db file from any other machine such as Linux system to your local windows machine and specify that path during recovering operation.Quiet mode ( -q option ) will disable printing each password while recovery is in progress. This makes it much faster especially for brute force operation. However during brute force operation if the password count exceeds 50000 passwords then it automatically enters the quiet mode.Hybrid method tries normal dictionary password as well as password created by appending/prefixing the generated strings to the dictionary word. For example if the dictionary word is "test" and you have specified character set as '123' (-c 123 -s) then the new passwords will be test1, test12, test123, test32 etc.Character list (-g for hybrid and -c for brute force) specifies the characters to be used for generating passwords. If you don't specify then the default character list is used. For brute force -m indicates the minimum length of password to be generated. This can reduce the generated passwords and hence the time considerably when large number of character set is specified. Similarly -l (small 'L') specifies the maximum length of password to be generated. For example, if you specify -m 6 and -l 8 then only passwords which are of length at least 6 and above but below 8 will be generated.Now you can reduce the password cracking time significantly using pattern based password recovery mechanism. If you know that password is of certain length and also remember few characters then you can specify that pattern for brute force cracking. For example, assume that you have set the master password of length 12 and it begins with 'fire' and ends with '123' then command will look like belowFireMaster.exe -b -c "abyz" -l 12 -p "fire?????123" c:\testpathThis will reduce the time to seconds which otherwise would have taken days or hours to crack that password. You can even crack the impossible looking passwords using the right pattern.FireMaster in ActionFireMaster and FireFoxFireMaster is tested with latest Firefox version and should work with any Firefox having version 1.0 or more.If the FireMaster failed to work with your Firefox then please send me the key3.db and cert8.db (required for older versions) files which are present in your Firefox profile directory. Note that sign-on credentials are stored in the signons.txt file and key3.db just contains the master password related information. So even if some one knows your master password it will be useless unless he/she has access to signons.txt file.DisclaimerFireMaster is designed with good intention to recover the lost master password so that every one keep enjoying their experience with Firefox.Like any other tool its use either good or bad, depends upon the user who uses it. However author is not responsible for damages or impact caused due to misuse of FireMaster.AcknowledgementThanks to the Mozilla-Firefox crew for making such an excellent, beautiful, free browser.Thanks to everyone who shared their experience with FireMaster and sending the valuable feedbacks and suggestions.Download FireMasterIf you want to build the FireMaster from the source then you need to download the Gecko SDK from Mozilla website. http://securityxploded.com/download.php#firemaster=====================================Using firepasswordHistoryVersion 2.0 : 3rd March 2007Support for Firefox version 2.0. New signon format is explained below.Few minor bug fixes and formatting of the result display.Version 1.7 : 8th July 2006Finally much awaited FirePassword source code is released under GPL v2.Master Password checking is improved and now its done at beginning itself.Removed the Gecko-SDK dependency completely.Tested successfully with latest Firefox version 1.5.0.4Version 1.6 : 25th Feb 2006Few bug fixes here and there.Thanks to Nemo for reporting the bug in base64 handling routine.Version 1.5 : 14th Jan 2006Static library dependency removed. Now libraries are loaded dynamically.Support for wider range of Firefox versions.Automatically detects Firefox profile directory if not specified.Version 1.0 : 1st Jan 2006First public release of FirePassword.About FirePasswordFirePassword is the tool designed to decrypt the username and password list from firefox sign-on database. Firefox stores the username and password information for various sites in its database files. FirePassword works on similar line as Firefox's built-in password manager but it can be used as offline tool to get the username/password information without running the Firefox.About Firefox Password ManagerFirefox has a built-in password manager tool which remembers username and passwords for all the visited websites. These credentials are stored in the encrypted from in Firefox database files mainly key3.db and signons.txt residing in user's profile directory. The key3.db file contains master password related information such as encrypted password check string, salt, algorithm and version information etc.Signons.txt file contains following information * Reject Host list : List of websites for which you don't want Firefox to remember the credentials. * Normal Host List : Each host URL is followed by username and password.Use of FirePasswordFirePassword is an alternative to Firefox's password manager tool. Main advantage of FirePassword is to use it as offline tool without running the Firefox. This is very useful during forensic investigation where one can copy the relevant files from the target system and view the credentials offline without affecting the environment of target system. Also pen testers can use it to view the credentials offline after retrieving sign-on files from the victim system.Working of FirePasswordFirefox stores the sign-on credentials in signons.txt file located in the user profile directory. The structure of sign-on information in the signons.txt file (signons2.txt for version 2) is as follows. For Firefox < version 2.0 * First comes the sign-on file header which is always "#2c" * Next comes the reject host list in clear text, one per line and terminated with full stop. * After that normal host list is stored in the following format Host URL Name (username or *password) Value (encrypted) .(full stop) For Firefox >= version 2.0 * First comes the sign-on file header which is always "#2d" * Next comes the reject host list in clear text, one per line and ends with full stop. * After that normal host list is stored in the following format Host URL Name (username or *password) Value (encrypted) Subdomain URL .(full stop)Here each Host entry can have multiple username/password pairs. Starting from Firefox version 2.0, sub domain URL is also included along with username/password entry. If it is the password field then its name begins with '*'.Now once the username and password values (which are encrypted) are extracted, next task is to decrypt them. Information required to decrypt these values is stored in key3.db file. If the master password is set, then you must provide the master password to proceed with decryption. If you have forgotten the master password, then you can use Firemaster tool to recover the master password. If the master password is set and if you have not provided it, then FirePassword will prompt you to enter the master password.Once you enter the password, FirePassword uses same decryption procedure used by Firefox to decrypt the sign-on information.Using FirePasswordYou have to copy the following files from the Firefox profile directory to temporary directory. * key3.db * cert8.db * signons.txtHere is the general usage informationFirePassword [-m "master password" ] <Firefox_Profile_Directory> Options: -m specify the master passwordFirefox_Profile_Directory is the path to the directory where the above 3 files are present. If you don't specify the master password and its set, then you will be prompted to enter the master password before decryption.FirePassword in ActionTesting FirePasswordFirePassword is tested with Firefox version 1.0, 1.5 to 2.0 and should work with any Firefox version 1.0 or more.However if the FirePassword fails on your system, then please drop a mail to me about your Firefox version and any other details which will help in fixing the problem.DisclaimerFirePassword is designed with good intention. Like any tool its use either good or bad, depends upon the user who uses it. However author is not responsible for damage caused due to misuse of this tool.Acknowledgement * Thanks to the Mozilla-Firefox crew for making such an excellent, beautiful, free browser. * Thanks to Stefano for informing and providing code to make the FirePassword to support Firefox version 2.0Download FirePasswordFirePassword source code is released under GPL license. This will help you understand and enhance the features of FirePassword.http://securityxploded.com/download.php#firepasswordcredit http://securityxploded.com Quote
mihai.vest Posted May 25, 2008 Report Posted May 25, 2008 ai fi putut pur si simplu sa raspunzi la topicul creat de mine sa mai deschizi alt topic dar in orice cazz o sa incerc metoda tametoda 2 nu prea functioneaza,este deja testata de mine Quote
ArgentinBoy Posted May 25, 2008 Report Posted May 25, 2008 pai spunene si noua cum se numeste decodorul sau la ce se foloseste mai exact ca eu nu am gasit pe google pentru ca nu am stiu exact ce sa caut Quote
puskin Posted May 25, 2008 Author Report Posted May 25, 2008 http://www.google.ro/search?hl=ro&q=mozilla+firefox+password+recovery&btnG=C%C4%83utare+Google&meta= Quote
ArgentinBoy Posted May 25, 2008 Report Posted May 25, 2008 Da foarte frumos ce mi-ai dat tu aici dar e versiunea trial si parolele nu le vadSi nu am reusit sa gasesc un registration codeOricum mersi ca mi-ai dat si atatBanuiesc ca va trebui sa ma multumesc cu ce am Quote
puskin Posted May 25, 2008 Author Report Posted May 25, 2008 Da foarte frumos ce mi-ai dat tu aici dar e versiunea trial si parolele nu le vadSi nu am reusit sa gasesc un registration codeOricum mersi ca mi-ai dat si atatBanuiesc ca va trebui sa ma multumesc cu ce am cu placere..sper sa te descurci.... Quote
puskin Posted May 25, 2008 Author Report Posted May 25, 2008 Daca reinstalati browser-ul fara sa pierdeti mare lucru:O cale simplã ar fi sã cãutaþi în directorul Documents and Settings /{Utilizatorul calculatorului}/Application Data/Mozilla/Firefox/Profiles/{ceva litere}/ urmãtoarele fiºiere:- bookmarks.html- cert8.db- key3.db-signons2.txtDacã le salvaþi deoparte ºi le repuneþi la locul lor dupã ce aþi reinstalat curat Firefox atunci veþi avea recuperate semnele de carte ºi c) parolele salvate în navigator. Desigur, acest truc merge la Firefox 2 ºi apropiatele, nu ºtiu cum va fi la Firefox 3, 4… 10.Aceste fiºiere sunt utile ºi dacã doriþi sã aveþi aceeaºi configuraþie (semne de carte ºi parole salvate) pe mai multe calculatoare (ex: de acasã ºi de la serviciu). În signon2.txt parolele sunt pãstrate nelizibil, dar aceasta nu înseamnã cã nu trebuie sã aveþi grijã de cine are acces la acest fiºier. Dacã nu vã inspirã încredere copierea unor fiºiere, folosiþi o extensie dedicatã: Password Exporter. Aceasta exportã parolele salvate într-un fiºier XML care evident poate fi apoi importat.Mai rãmâne problema extensiilor instalate. Personal prefer ca de fiecare datã sã îmi reinstalez curat extensiile. De aceea generez înainte lista extensiilor cu InfoLister, rezultatul fiind o paginã HTML în care apar toate extensiile ºi linkuri cãtre siturile dezvoltatorilor (aº fi preferat sã fie link spre extensii pe situl de add-on-uri de la Mozilla). În fine, puteþi folosi ºi alte extensii (cãutaþi aici). Un exemplu ar fi extensia FEBE (Firefox Extension Backup Extension) care se laudã a face cam tot ceea ce am descris eu mai sus dintr-un pas. Dar dupã cum spuneam, eu prefer reinstalare manualã a extensiilor. ªi ºtiþi de ce? Pentru cã este o ocazie bunã sã reevaluezi ce extensii îþi sunt necesare ºi ce nu. Asta dacã ºi la Dvs, ca ºi la mine, în timp se strâng multe extensii.Închei indicând extensiile care sunt mereu instalate la mine în Firefox ºi cu o scurtã motivaþie ºi link pentru instalare:- All-in-One Gestures: pentru ca sã pot naviga fãcând gesturi cu mouse-ul- ColorZilla: pentru a lua o culoare dintr-o imagine (utilã webmasterilor)- Cooliris Previews: revoluþioneazã navigarea (am scris de douã ori deja despre aceastã extensie)- CustomizeGoogle: e bun Google, dar poate fi fãcut ºi mai bun - Download Embedded: pentru a salva diverse fiºiere care sunt încorporate (embedded) în pagini- Download Statusbar: pentru a avea sub ochi situaþia descãrcãrilor- FaviconizeTab: fãrã ea mi-ar încãpea mai puþine taburi pe ecran - FireFTP: cine mai are nevoie de FileZilla sau AceFTP cu o aºa extensie?- FullerScreen: uneori vrei sã vezi doar pagina, fãrã nimic altceva- IE Tab: pentru a vedea o paginã în IE fãrã a lansa IE- Image Toolbar: pentru operaþiuni rapide pe imagini- MeasureIt: pentru mãsurãtori pe ecran (utilã webmasterilor)- Resizeable Form Fields: nu întotdeauna îmi ajunge spaþiul pus la dispoziþie în formulare- Server Switcher: pentru a comuta rapid între situl online ºi offline- Tab Mix Plus: o mai mare varietate de opþiuni de configurare pentru taburiLe numãr ºi… ok… tocmai am scris lista celor 15 extensii care îmi sunt favorite! Despre majoritatea am scris deja pe acest sit.http://addons.mozilla.org/en-US/firefox/addon/12http://addons.mozilla.org/en-US/firefox/addon/271http://addons.mozilla.org/en-US/firefox/addon/2207http://addons.mozilla.org/en-US/firefox/addon/743http://addons.mozilla.org/en-US/firefox/addon/1993http://addons.mozilla.org/en-US/firefox/addon/26http://addons.mozilla.org/en-US/firefox/addon/3780http://addons.mozilla.org/en-US/firefox/addon/684http://addons.mozilla.org/en-US/firefox/addon/4650http://addons.mozilla.org/en-US/firefox/addon/1419http://addons.mozilla.org/en-US/firefox/addon/243http://addons.mozilla.org/en-US/firefox/addon/539http://addons.mozilla.org/en-US/firefox/addon/3694http://addons.mozilla.org/en-US/firefox/addon/2409http://addons.mozilla.org/en-US/firefox/addon/1122Asta e joaca de copil...in comparatie cu XSS si SQLINJECTION.... Quote
Kestor Posted May 25, 2008 Report Posted May 25, 2008 Exista macar un keygen pt asta ? Sa stiu sa nu caut degeaba...Oricum ms mult. Quote
shinnok Posted May 25, 2008 Report Posted May 25, 2008 Passcape Mozilla Password Recovery: http://rapidshare.com/files/117607356/MPR.rar.html? Quote
sip Posted May 26, 2008 Report Posted May 26, 2008 sau mult mult mai simplu fara nici un program deschizi mozila dai sus la tools > options > show passwords si inca o data clic show passwords Quote
mihai.vest Posted May 26, 2008 Report Posted May 26, 2008 sau mult mult mai simplu fara nici un program deschizi mozila dai sus la tools > options > show passwords si inca o data clic show passwordspoate imi explici si mie cum aflu eu parolele cuiva de pe odc sau din alta parte aplicand metoda ta... :?: Quote
5000hack Posted May 26, 2008 Report Posted May 26, 2008 mie imi da eroare la cand dau Next sa citeasca parola ... Daca dau pe Automatic firefox password nu merge da eroare cica zice ca nu gaseste firefoxu ... daca dau pe manual si gab fisieru sa scaneze zice the data not descryptible Quote
mihai.vest Posted May 26, 2008 Report Posted May 26, 2008 fisierul signon2 trebuie pus in acelasi folder cu key! pune in folderul unde sunt setarile tale fisierul care vrei sa-l decriptezi ,dar inainte fa-ti un backup pt signon2 in care sunt setarile tale.sper ca ai inteles! Quote
ArgentinBoy Posted May 26, 2008 Report Posted May 26, 2008 fisierul signon2 trebuie pus in acelasi folder cu key! pune in folderul unde sunt setarile tale fisierul care vrei sa-l decriptezi ,dar inainte fa-ti un backup pt signon2 in care sunt setarile tale.sper ca ai inteles!OK eu am inteles si numai pentru ca stiu si asta ma simt mai destetpMersi multDar am o singura intrbareDc imi trebuie si key3.db ?Nu pot sa iau numai signok2.txt ? ca acolo sunt salvate parolele Quote
Kestor Posted May 26, 2008 Report Posted May 26, 2008 Nu merge doar punand signon2.txt si key3.db impreuna in acelasi folder, fie el si cel cu firefox. Ca sa mearga, descarcati de pe odc tot folderul <litere aleatorii>.defeault, salvati-l intr-un loc diferit de firefox, intrati pe passcape decrypter, selectati manual firefox, duceti-va in folderul descarcat pe share si selectati signon2.txt.Nu tot timpul iti descrifreaza toate parolele, dar in marea majoritatea a cazurilor merge. Quote
mihai.vest Posted May 26, 2008 Report Posted May 26, 2008 pai in cazul asta este destul de greu pentru ca acele aleatorii nu sunt la fel la toate calculatoarele sau sunt?la mine de exemplu sunt ceva de genul mbc6p.......mai este si la altcnva tot la fel sau aceste litere sunt "personalizate"? Quote
Kestor Posted May 26, 2008 Report Posted May 26, 2008 sunt diferite la fiecare calculator. dar n-are importanta ca nu trebuie sa-l plasezi in folderul Firefox. deci poti sa-l pui orunde, sa-l decriptezi, si apoi sa-l stergi... dupa ce ai notat parolele Quote
mihai.vest Posted May 26, 2008 Report Posted May 26, 2008 sunt diferite la fiecare calculator. dar n-are importanta ca nu trebuie sa-l plasezi in folderul Firefox. deci poti sa-l pui orunde, sa-l decriptezi, si apoi sa-l stergi... dupa ce ai notat parolele ok dar te intrebam pentru ca topicul creat de mine era legat de aflarea parolelor cu ajutorul unor fisiere gasite cu ajutorul odc-ului, si de aceea near fi mai usor daca am stii ce anume sa cautam decat asa sa luam utilizatorii care au dat share la C si sa vedem daca este bifata si aceea optiune(share hidden files).... Quote
Kestor Posted May 26, 2008 Report Posted May 26, 2008 Pai cautati "signons2.txt" pe odc, apoi dati "go to file" la unul din ele si vedeti in stanga fisierul ala cu numere aleatorii (este ultimul in 'arborele' acela). Dupaia il descarci si il decryptezi. Asa iti arata automat hidden filesurile la persoanele care au bifat acest lucru.Stiu ca explic ca un dos de curca, dar mi-e somn si n-am chef de nimic. O sa pun poze (screenuri) mai incolo daca trebuie. Quote
mihai.vest Posted May 26, 2008 Report Posted May 26, 2008 cred ca ai fost destul de clar!mersideja am aflat zeci de parole!merge de minune Quote
Kestor Posted May 26, 2008 Report Posted May 26, 2008 cred ca ai fost destul de clar!mersideja am aflat zeci de parole!merge de minuneMa bucur. E distractiv, stiu. Pacat ca astia de pe oDC nu prea au lucruri personale interesante Quote
mihai.vest Posted May 26, 2008 Report Posted May 26, 2008 da dar daca ai noroc mai nimeresti cate unul care are prin mail cate ceva interesant dar destul de rar Quote
Deta Posted May 26, 2008 Report Posted May 26, 2008 De foarte multe ori imi da slot initialization failure.Oare de ce? Quote
puskin Posted May 26, 2008 Author Report Posted May 26, 2008 De foarte multe ori imi da slot initialization failure.Oare de ce?Si eu ma bucur ca va fost de folos...Deta te astept sa ma contactezi pe YM sa-ti dau un decriptor facut de mine care nu da eroare.Numai bene Quote